s83/user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2025-05-18 06:37:10 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

goodbye http and other stuff

Browse source
This commit is contained in:
Thorin-Oakenpants 2019-09-17 01:09:50 +00:00 committed by GitHub
parent be0ccf6460
commit f91d7ec67d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

37
user.js
View file

@ -360,9 +360,7 @@ user_pref("network.predictor.enable-prefetch", false); // [FF48+]
* [1] https://news.slashdot.org/story/15/08/14/2321202/how-to-quash-firefoxs-silent-requests * [1] https://news.slashdot.org/story/15/08/14/2321202/how-to-quash-firefoxs-silent-requests
* [2] https://www.ghacks.net/2015/08/16/block-firefox-from-connecting-to-sites-when-you-hover-over-links/ ***/ * [2] https://www.ghacks.net/2015/08/16/block-firefox-from-connecting-to-sites-when-you-hover-over-links/ ***/
user_pref("network.http.speculative-parallel-limit", 0); user_pref("network.http.speculative-parallel-limit", 0);
/* 0606: disable pings (but enforce same host in case) /* 0606: disable hyperlink ping tracking (enforce same host in case) ***/
* [1] http://kb.mozillazine.org/Browser.send_pings
* [2] http://kb.mozillazine.org/Browser.send_pings.require_same_host ***/
user_pref("browser.send_pings", false); // [DEFAULT: false] user_pref("browser.send_pings", false); // [DEFAULT: false]
user_pref("browser.send_pings.require_same_host", true); user_pref("browser.send_pings.require_same_host", true);
@ -375,7 +373,7 @@ user_pref("_user.js.parrot", "0700 syntax error: the parrot's given up the ghost
* [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an * [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an
* OS/network level, and/or configured properly in VPN setups. If you are not masking your IP, * OS/network level, and/or configured properly in VPN setups. If you are not masking your IP,
* then this won't make much difference. If you are maksing your IP, then it can only help. * then this won't make much difference. If you are maksing your IP, then it can only help.
* [TEST] http://ipv6leak.com/ * [TEST] https://ipleak.org/
* [1] https://github.com/ghacksuserjs/ghacks-user.js/issues/437#issuecomment-403740626 * [1] https://github.com/ghacksuserjs/ghacks-user.js/issues/437#issuecomment-403740626
* [2] https://www.internetsociety.org/tag/ipv6-security/ (see Myths 2,4,5,6) ***/ * [2] https://www.internetsociety.org/tag/ipv6-security/ (see Myths 2,4,5,6) ***/
user_pref("network.dns.disableIPv6", true); user_pref("network.dns.disableIPv6", true);
@ -404,8 +402,7 @@ user_pref("network.http.altsvc.oe", false);
/* 0704: enforce the proxy server to do any DNS lookups when using SOCKS /* 0704: enforce the proxy server to do any DNS lookups when using SOCKS
* e.g. in Tor, this stops your local DNS server from knowing your Tor destination * e.g. in Tor, this stops your local DNS server from knowing your Tor destination
* as a remote Tor node will handle the DNS request * as a remote Tor node will handle the DNS request
* [1] http://kb.mozillazine.org/Network.proxy.socks_remote_dns * [1] https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers ***/
* [2] https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers ***/
user_pref("network.proxy.socks_remote_dns", true); user_pref("network.proxy.socks_remote_dns", true);
/* 0707: disable (or setup) DNS-over-HTTPS (DoH) [FF60+] /* 0707: disable (or setup) DNS-over-HTTPS (DoH) [FF60+]
* TRR = Trusted Recursive Resolver * TRR = Trusted Recursive Resolver
@ -469,7 +466,6 @@ user_pref("browser.sessionhistory.max_entries", 10);
/* 0805: disable CSS querying page history - CSS history leak /* 0805: disable CSS querying page history - CSS history leak
* [NOTE] This has NEVER been fully "resolved": in Mozilla/docs it is stated it's * [NOTE] This has NEVER been fully "resolved": in Mozilla/docs it is stated it's
* only in 'certain circumstances', also see latest comments in [2] * only in 'certain circumstances', also see latest comments in [2]
* [TEST] http://lcamtuf.coredump.cx/yahh/ (see github wiki APPENDIX A on how to use)
* [1] https://dbaron.org/mozilla/visited-privacy * [1] https://dbaron.org/mozilla/visited-privacy
* [2] https://bugzilla.mozilla.org/147777 * [2] https://bugzilla.mozilla.org/147777
* [3] https://developer.mozilla.org/docs/Web/CSS/Privacy_and_the_:visited_selector ***/ * [3] https://developer.mozilla.org/docs/Web/CSS/Privacy_and_the_:visited_selector ***/
@ -501,7 +497,7 @@ user_pref("browser.urlbar.speculativeConnect.enabled", false);
* (i.e. at least one of 0850a suggestion types must be true) but you want to *limit* suggestions shown ***/ * (i.e. at least one of 0850a suggestion types must be true) but you want to *limit* suggestions shown ***/
// user_pref("browser.urlbar.maxRichResults", 0); // user_pref("browser.urlbar.maxRichResults", 0);
/* 0850d: disable location bar autofill /* 0850d: disable location bar autofill
* [1] http://kb.mozillazine.org/Inline_autocomplete ***/ * [1] https://support.mozilla.org/en-US/kb/address-bar-autocomplete-firefox#w_url-autocomplete ***/
// user_pref("browser.urlbar.autoFill", false); // user_pref("browser.urlbar.autoFill", false);
/* 0850e: disable location bar one-off searches [FF51+] /* 0850e: disable location bar one-off searches [FF51+]
* [1] https://www.ghacks.net/2016/08/09/firefox-one-off-searches-address-bar/ ***/ * [1] https://www.ghacks.net/2016/08/09/firefox-one-off-searches-address-bar/ ***/
@ -541,9 +537,8 @@ user_pref("security.ask_for_password", 2);
* in minutes, default is 30 ***/ * in minutes, default is 30 ***/
user_pref("security.password_lifetime", 5); user_pref("security.password_lifetime", 5);
/* 0905: disable auto-filling username & password form fields /* 0905: disable auto-filling username & password form fields
* can leak in cross-site forms AND be spoofed * can leak in cross-site forms *and* be spoofed
* [NOTE] Password will still be auto-filled after a user name is manually entered * [NOTE] Username & password is still available when you enter the field ***/
* [1] http://kb.mozillazine.org/Signon.autofillForms ***/
user_pref("signon.autofillForms", false); user_pref("signon.autofillForms", false);
/* 0909: disable formless login capture for Password Manager [FF51+] ***/ /* 0909: disable formless login capture for Password Manager [FF51+] ***/
user_pref("signon.formlessCapture.enabled", false); user_pref("signon.formlessCapture.enabled", false);
@ -730,7 +725,7 @@ user_pref("security.mixed_content.block_object_subrequest", true);
/** CIPHERS [see the section 1200 intro] ***/ /** CIPHERS [see the section 1200 intro] ***/
/* 1261: disable 3DES (effective key size < 128) /* 1261: disable 3DES (effective key size < 128)
* [1] https://en.wikipedia.org/wiki/3des#Security * [1] https://en.wikipedia.org/wiki/3des#Security
* [2] http://en.citizendium.org/wiki/Meet-in-the-middle_attack * [2] https://en.wikipedia.org/wiki/Meet-in-the-middle_attack
* [3] https://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html ***/ * [3] https://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html ***/
// user_pref("security.ssl3.rsa_des_ede3_sha", false); // user_pref("security.ssl3.rsa_des_ede3_sha", false);
/* 1262: disable 128 bits ***/ /* 1262: disable 128 bits ***/
@ -932,8 +927,7 @@ user_pref("media.block-autoplay-until-in-foreground", true); // [DEFAULT: true]
/*** [SECTION 2200]: WINDOW MEDDLING & LEAKS / POPUPS ***/ /*** [SECTION 2200]: WINDOW MEDDLING & LEAKS / POPUPS ***/
user_pref("_user.js.parrot", "2200 syntax error: the parrot's 'istory!"); user_pref("_user.js.parrot", "2200 syntax error: the parrot's 'istory!");
/* 2201: prevent websites from disabling new window features /* 2201: prevent websites from disabling new window features ***/
* [1] http://kb.mozillazine.org/Prevent_websites_from_disabling_new_window_features ***/
user_pref("dom.disable_window_open_feature.close", true); user_pref("dom.disable_window_open_feature.close", true);
user_pref("dom.disable_window_open_feature.location", true); // [DEFAULT: true] user_pref("dom.disable_window_open_feature.location", true); // [DEFAULT: true]
user_pref("dom.disable_window_open_feature.menubar", true); user_pref("dom.disable_window_open_feature.menubar", true);
@ -961,8 +955,7 @@ user_pref("browser.link.open_newwindow.restriction", 0);
* [SETTING] Privacy & Security>Permissions>Block pop-up windows ***/ * [SETTING] Privacy & Security>Permissions>Block pop-up windows ***/
user_pref("dom.disable_open_during_load", true); user_pref("dom.disable_open_during_load", true);
/* 2212: limit events that can cause a popup [SETUP-WEB] /* 2212: limit events that can cause a popup [SETUP-WEB]
* default is "change click dblclick auxclick mouseup pointerup notificationclick reset submit touchend contextmenu" * default is "change click dblclick auxclick mouseup pointerup notificationclick reset submit touchend contextmenu" ***/
* [1] http://kb.mozillazine.org/Dom.popup_allowed_events ***/
user_pref("dom.popup_allowed_events", "click dblclick"); user_pref("dom.popup_allowed_events", "click dblclick");
/*** [SECTION 2300]: WEB WORKERS /*** [SECTION 2300]: WEB WORKERS
@ -1042,7 +1035,7 @@ user_pref("dom.disable_beforeunload", true);
/* 2414: disable shaking the screen ***/ /* 2414: disable shaking the screen ***/
user_pref("dom.vibrator.enabled", false); user_pref("dom.vibrator.enabled", false);
/* 2420: disable asm.js [FF22+] [SETUP-PERF] /* 2420: disable asm.js [FF22+] [SETUP-PERF]
* [1] http://asmjs.org/ * [1] https://developer.mozilla.org/en-US/docs/Games/Tools/asm.js
* [2] https://www.mozilla.org/security/advisories/mfsa2015-29/ * [2] https://www.mozilla.org/security/advisories/mfsa2015-29/
* [3] https://www.mozilla.org/security/advisories/mfsa2015-50/ * [3] https://www.mozilla.org/security/advisories/mfsa2015-50/
* [4] https://www.mozilla.org/security/advisories/mfsa2017-01/#CVE-2017-5375 * [4] https://www.mozilla.org/security/advisories/mfsa2017-01/#CVE-2017-5375
@ -1140,8 +1133,7 @@ user_pref("devtools.webide.autoinstallADBExtension", false); // [FF64+]
* [1] https://bugzilla.mozilla.org/1216893 ***/ * [1] https://bugzilla.mozilla.org/1216893 ***/
// user_pref("svg.disabled", true); // user_pref("svg.disabled", true);
/* 2611: disable middle mouse click opening links from clipboard /* 2611: disable middle mouse click opening links from clipboard
* [1] https://trac.torproject.org/projects/tor/ticket/10089 * [1] https://trac.torproject.org/projects/tor/ticket/10089 ***/
* [2] http://kb.mozillazine.org/Middlemouse.contentLoadURL ***/
user_pref("middlemouse.contentLoadURL", false); user_pref("middlemouse.contentLoadURL", false);
/* 2614: limit HTTP redirects (this does not control redirects with HTML meta tags or JS) /* 2614: limit HTTP redirects (this does not control redirects with HTML meta tags or JS)
* [NOTE] A low setting of 5 or under will probably break some sites (e.g. gmail logins) * [NOTE] A low setting of 5 or under will probably break some sites (e.g. gmail logins)
@ -1216,9 +1208,7 @@ user_pref("extensions.autoDisableScopes", 15); // [DEFAULT: 15]
/* 2680: enable CSP (Content Security Policy) /* 2680: enable CSP (Content Security Policy)
* [1] https://developer.mozilla.org/docs/Web/HTTP/CSP ***/ * [1] https://developer.mozilla.org/docs/Web/HTTP/CSP ***/
user_pref("security.csp.enable", true); // [DEFAULT: true] user_pref("security.csp.enable", true); // [DEFAULT: true]
/* 2684: enforce a security delay on some confirmation dialogs such as install, open/save /* 2684: enforce a security delay on some confirmation dialogs such as install, open/save ***/
* [1] http://kb.mozillazine.org/Disable_extension_install_delay_-_Firefox
* [2] https://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ ***/
user_pref("security.dialog_enable_delay", 700); user_pref("security.dialog_enable_delay", 700);
/*** [SECTION 2700]: PERSISTENT STORAGE /*** [SECTION 2700]: PERSISTENT STORAGE
@ -1246,8 +1236,7 @@ user_pref("network.cookie.cookieBehavior", 1);
and (FF58+) set third-party non-secure (i.e HTTP) cookies to session-only and (FF58+) set third-party non-secure (i.e HTTP) cookies to session-only
[NOTE] .sessionOnly overrides .nonsecureSessionOnly except when .sessionOnly=false and [NOTE] .sessionOnly overrides .nonsecureSessionOnly except when .sessionOnly=false and
.nonsecureSessionOnly=true. This allows you to keep HTTPS cookies, but session-only HTTP ones .nonsecureSessionOnly=true. This allows you to keep HTTPS cookies, but session-only HTTP ones
* [1] https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/ * [1] https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/ ***/
* [2] http://kb.mozillazine.org/Network.cookie.thirdparty.sessionOnly ***/
user_pref("network.cookie.thirdparty.sessionOnly", true); user_pref("network.cookie.thirdparty.sessionOnly", true);
user_pref("network.cookie.thirdparty.nonsecureSessionOnly", true); // [FF58+] user_pref("network.cookie.thirdparty.nonsecureSessionOnly", true); // [FF58+]
/* 2703: delete cookies and site data on close /* 2703: delete cookies and site data on close